DaVita says ransomware gang stole data of nearly 2.7 million people 肾脏透析公司DaVita遭勒索软件攻击，近270万人的个人信息和健康数据被盗。攻击者于3月24日入侵其网络，直至4月12日被发现。泄露数据包括姓名、地址、社保号等敏感信息及健康记录。Interlock团伙声称对此负责，并在暗网泄露数据。事件对公司运营造成重大影响。... 2025-8-22 09:45:33 | 阅读: 13 | 收藏 | Over Security - Cybersecurity news aggregator - www.bleepingcomputer.com davita dialysis interlock ransomware network

Dev gets 4 years for creating kill switch on ex-employer's systems 一名软件开发人员因报复前雇主使用恶意软件和"kill switch"锁定员工账户被判四年监禁。... 2025-8-22 00:0:21 | 阅读: 8 | 收藏 | Over Security - Cybersecurity news aggregator - www.bleepingcomputer.com lu prison windows malicious reportedly

Colt confirms customer data stolen as Warlock ransomware auctions files 英国电信公司Colt确认客户文档被盗并被Warlock勒索团伙在暗网上拍卖。该团伙声称窃取了100万份文件，包括财务和客户信息。Colt于8月12日遭受攻击，此次为首次确认数据被盗。... 2025-8-21 20:45:17 | 阅读: 11 | 收藏 | Over Security - Cybersecurity news aggregator - www.bleepingcomputer.com ransomware warlock colt network

Europol confirms $50,000 Qilin ransomware reward is fake 欧洲刑警组织证实一个冒充其机构的Telegram频道为假，该频道声称提供5万美元悬赏以获取Qilin勒索软件管理员信息。随后冒充者承认此举是为了恶搞研究人员和记者。... 2025-8-21 16:30:19 | 阅读: 14 | 收藏 | Over Security - Cybersecurity news aggregator - www.bleepingcomputer.com ransomware qilin troll reward haise

Microsoft asks customers for feedback on SSD failure issues Microsoft's August 2025 security update, KB5063878, is causing data corruption and drive failures in SSDs and HDDs across multiple brands. The company is investigating the issue, unable to reproduce it on updated Windows 11 systems, and urges affected users to report via Support or Feedback Hub. Users are advised to avoid large file operations until resolved.... 2025-8-21 15:0:20 | 阅读: 14 | 收藏 | Over Security - Cybersecurity news aggregator - www.bleepingcomputer.com microsoft phison windows drives corruption

Why Certified VMware Pros Are Driving the Future of IT 文章探讨了复杂IT环境中VMware认证的重要性及其对个人和团队能力的提升作用。通过统一技术语言和协作创新，认证不仅增强了团队应对威胁的能力，还提升了组织的战略优势。VMUG提供的资源助力这一过程。... 2025-8-21 14:0:21 | 阅读: 12 | 收藏 | Over Security - Cybersecurity news aggregator - www.bleepingcomputer.com vmug certified security expertise threats

FBI warns of Russian hackers exploiting 7-year-old Cisco flaw FBI警告称，与俄罗斯FSB相关的黑客正利用Cisco设备中的7年漏洞CVE-2018-0171攻击关键基础设施组织。该漏洞可使攻击者远程控制设备并引发拒绝服务或执行任意代码。FBI指出，这些黑客已收集数千个美国实体的网络设备配置文件，并修改部分设备配置以获取未经授权的访问权限。他们还利用此访问权限进行侦察活动，并对工业控制系统相关协议和应用表现出兴趣。Cisco敦促管理员尽快修补漏洞以应对持续攻击。... 2025-8-21 12:30:19 | 阅读: 9 | 收藏 | Over Security - Cybersecurity news aggregator - www.bleepingcomputer.com 0171 unpatched fsb talos russia

Scattered Spider hacker gets sentenced to 10 years in prison Noah Michael Urban, a key member of the Scattered Spider cybercrime group, was sentenced to 10 years in prison for stealing millions via phishing and SIM swap attacks. The group targeted high-profile organizations and used stolen credentials to hijack email accounts and cryptocurrency wallets. Urban admitted to earning millions from crypto theft but lost most on gambling. The gang also partnered with ransomware operations and shifted focus to aviation and transportation industries.... 2025-8-21 08:45:18 | 阅读: 5 | 收藏 | Over Security - Cybersecurity news aggregator - www.bleepingcomputer.com scattered spider urban collective arrested

Orange Belgium discloses data breach impacting 850,000 customers Orange Belgium遭遇网络攻击，约85万客户数据被盗。受影响数据包括姓名、电话号码等个人信息，但未涉及密码和财务信息。公司已通知客户并提醒警惕诈骗行为。此次事件与此前Orange集团披露的另一起网络攻击无关。... 2025-8-21 07:15:18 | 阅读: 82 | 收藏 | Over Security - Cybersecurity news aggregator - www.bleepingcomputer.com orange belgium telecom passwords revenues

OpenAI says GPT-6 is coming and it'll be better than GPT-5 (obviously) OpenAI CEO透露GPT-6正在开发中，将比GPT-5更快推出。GPT-5发布虽有改进但不尽如人意，公司计划在产品功能上进一步优化。... 2025-8-21 00:0:26 | 阅读: 12 | 收藏 | Over Security - Cybersecurity news aggregator - www.bleepingcomputer.com gpt openai altman reporters rollout

AI website builder Lovable increasingly abused for malicious activity 网络犯罪分子利用AI驱动的Lovable平台创建钓鱼网站和恶意门户，模仿知名品牌并使用CAPTCHA过滤系统。尽管Lovable采取了反滥用措施，但随着AI生成器增多，网络犯罪门槛降低。自2月起，Proofpoint发现数万Lovable链接用于恶意活动，包括钓鱼攻击、支付诈骗、加密货币盗窃和恶意软件分发。... 2025-8-20 22:15:17 | 阅读: 11 | 收藏 | Over Security - Cybersecurity news aggregator - www.bleepingcomputer.com lovable phishing proofpoint malicious captcha

Apple fixes new zero-day flaw exploited in targeted attacks 苹果修复了零日漏洞CVE-2025-43300，该漏洞被用于针对特定目标的复杂攻击。该漏洞存在于Image I/O框架中，可能导致内存越界写入和远程代码执行。苹果已通过改进边界检查在多个系统版本中修复此问题，并强调用户应尽快安装更新以防范潜在攻击。这是苹果今年修复的第六个零日漏洞。... 2025-8-20 18:45:17 | 阅读: 9 | 收藏 | Over Security - Cybersecurity news aggregator - www.bleepingcomputer.com exploited inch security memory 3rd

Perplexity’s Comet AI browser tricked into buying fake items online 研究发现新兴的代理AI浏览器（如Perplexity的Comet和微软Edge的Copilot功能）存在严重安全漏洞，易受钓鱼攻击、提示注入和虚假购物网站影响。测试显示这些工具可被诱导在恶意网站完成交易或泄露敏感信息。专家警告称此类工具尚未成熟，建议避免用于处理银行、购物等敏感任务。... 2025-8-20 17:45:19 | 阅读: 10 | 收藏 | Over Security - Cybersecurity news aggregator - www.bleepingcomputer.com guardio comet agentic phishing injection

“Rapper Bot” malware seized, alleged developer identified and charged 美国司法部起诉22岁男子Ethan Foltz开发并运营"Rapper Bot" DDoS僵尸网络，该网络自2021年起活跃，感染数万台设备并发动针对全球超1.8万家机构的攻击。该僵尸网络于8月6日被执法部门查封。... 2025-8-20 17:45:18 | 阅读: 8 | 收藏 | Over Security - Cybersecurity news aggregator - www.bleepingcomputer.com rapper doj foltz terabits complaint

Hackers steal Microsoft logins using legitimate ADFS redirects 黑客利用结合合法的office.com链接与Active Directory Federation Services（ADFS），将用户重定向至钓鱼页面窃取微软365登录信息。攻击通过可信域绕过检测和多因素认证，并利用恶意链接和条件加载限制访问目标。建议监测ADFS重定向并检查广告参数以防范此类攻击。... 2025-8-20 15:45:18 | 阅读: 13 | 收藏 | Over Security - Cybersecurity news aggregator - www.bleepingcomputer.com phishing microsoft security adfs malicious

Major password managers can leak logins in clickjacking attacks Six major password managers with tens of millions of users are currently vulnerable to unpat... 2025-8-20 15:0:20 | 阅读: 19 | 收藏 | Over Security - Cybersecurity news aggregator - www.bleepingcomputer.com tóth marek autofill bitwarden lastpass

Why email security needs its EDR moment to move beyond prevention 文章指出电子邮件安全正面临与十年前杀毒软件类似的问题，并提出需引入类似EDR（终端检测与响应）的机制来增强防御能力。通过提供可见性、行为检测、补救工具和强化措施等多层保护机制，在传统预防手段之外构建更强大的防御体系。... 2025-8-20 14:30:22 | 阅读: 15 | 收藏 | Over Security - Cybersecurity news aggregator - www.bleepingcomputer.com security attackers cloud resilience mindset

Microsoft investigates outage impacting Copilot, Office.com 微软正在调查北美地区用户无法访问Office.com和Copilot的问题，该问题已持续约两小时，导致服务器连接困难和登录问题。公司正收集数据以确定原因，并尝试内部复现问题。用户可通过其他方式访问Copilot。此事件被归类为关键服务问题。... 2025-8-20 14:30:20 | 阅读: 14 | 收藏 | Over Security - Cybersecurity news aggregator - www.bleepingcomputer.com microsoft copilot north mitigated telemetry

Microsoft reportedly fixing SSD failures caused by Windows updates Windows 11 24H2更新引发部分SSD和HDD数据损坏及故障问题，尤其影响Phison控制器的存储设备。微软正与厂商合作修复问题，建议用户避免一次性写入大量文件以减少风险。... 2025-8-20 11:30:19 | 阅读: 12 | 收藏 | Over Security - Cybersecurity news aggregator - www.bleepingcomputer.com phison windows drives reportedly microsoft

Microsoft fixes Windows upgrades failing with 0x8007007F error Microsoft修复了导致部分Windows 11和Windows Server系统在通过“Windows Setup > Upgrade”安装时出现`0x8007007F`错误的已知问题，并于2025年8月15日完成修复。受影响的升级路径包括从特定旧版Windows 10和Server版本升级到较新版本。用户可重试升级以解决问题。此外，微软还发布了紧急更新以解决其他相关问题。... 2025-8-20 08:30:20 | 阅读: 11 | 收藏 | Over Security - Cybersecurity news aggregator - www.bleepingcomputer.com windows upgrades microsoft 0x8007007f 22h2